Preventing Unauthorized Product Access. Outsourced processing: Blogman DMCC hosts its Services with third party service providers. Additionally, Blogman DMCC maintains contractual relationships with service providers in order to provide the Service in accordance with our Data Processing Agreement. Blogman DMCC relies on contractual agreements, privacy policies, and service providers compliance programs in order to protect data processed or stored by these service providers. Physical and environmental security: Blogman DMCC hosts its product infrastructure with multi-tenant, outsourced infrastructure providers. The physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance, among other certifications. Authentication: Blogman DMCC implemented a uniform password policy for its Service. Users who interact with the Service must authenticate before accessing non-public data. Authorization: Client data is stored in multi-tenant storage systems accessible to users via only application user interfaces and application programming interfaces. Users are not allowed direct access to the underlying application infrastructure. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization.
Appears in 2 contracts
Sources: Data Processing Addendum, Data Processing Agreement